[Secure-testing-commits] r17073 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Aug 10 21:14:22 UTC 2011
Author: joeyh
Date: 2011-08-10 21:14:21 +0000 (Wed, 10 Aug 2011)
New Revision: 17073
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-08-10 09:52:20 UTC (rev 17072)
+++ data/CVE/list 2011-08-10 21:14:21 UTC (rev 17073)
@@ -1,3 +1,243 @@
+CVE-2011-3120
+ RESERVED
+CVE-2011-3119
+ RESERVED
+CVE-2011-3118
+ RESERVED
+CVE-2011-3117
+ RESERVED
+CVE-2011-3116
+ RESERVED
+CVE-2011-3115
+ RESERVED
+CVE-2011-3114
+ RESERVED
+CVE-2011-3113
+ RESERVED
+CVE-2011-3112
+ RESERVED
+CVE-2011-3111
+ RESERVED
+CVE-2011-3110
+ RESERVED
+CVE-2011-3109
+ RESERVED
+CVE-2011-3108
+ RESERVED
+CVE-2011-3107
+ RESERVED
+CVE-2011-3106
+ RESERVED
+CVE-2011-3105
+ RESERVED
+CVE-2011-3104
+ RESERVED
+CVE-2011-3103
+ RESERVED
+CVE-2011-3102
+ RESERVED
+CVE-2011-3101
+ RESERVED
+CVE-2011-3100
+ RESERVED
+CVE-2011-3099
+ RESERVED
+CVE-2011-3098
+ RESERVED
+CVE-2011-3097
+ RESERVED
+CVE-2011-3096
+ RESERVED
+CVE-2011-3095
+ RESERVED
+CVE-2011-3094
+ RESERVED
+CVE-2011-3093
+ RESERVED
+CVE-2011-3092
+ RESERVED
+CVE-2011-3091
+ RESERVED
+CVE-2011-3090
+ RESERVED
+CVE-2011-3089
+ RESERVED
+CVE-2011-3088
+ RESERVED
+CVE-2011-3087
+ RESERVED
+CVE-2011-3086
+ RESERVED
+CVE-2011-3085
+ RESERVED
+CVE-2011-3084
+ RESERVED
+CVE-2011-3083
+ RESERVED
+CVE-2011-3082
+ RESERVED
+CVE-2011-3081
+ RESERVED
+CVE-2011-3080
+ RESERVED
+CVE-2011-3079
+ RESERVED
+CVE-2011-3078
+ RESERVED
+CVE-2011-3077
+ RESERVED
+CVE-2011-3076
+ RESERVED
+CVE-2011-3075
+ RESERVED
+CVE-2011-3074
+ RESERVED
+CVE-2011-3073
+ RESERVED
+CVE-2011-3072
+ RESERVED
+CVE-2011-3071
+ RESERVED
+CVE-2011-3070
+ RESERVED
+CVE-2011-3069
+ RESERVED
+CVE-2011-3068
+ RESERVED
+CVE-2011-3067
+ RESERVED
+CVE-2011-3066
+ RESERVED
+CVE-2011-3065
+ RESERVED
+CVE-2011-3064
+ RESERVED
+CVE-2011-3063
+ RESERVED
+CVE-2011-3062
+ RESERVED
+CVE-2011-3061
+ RESERVED
+CVE-2011-3060
+ RESERVED
+CVE-2011-3059
+ RESERVED
+CVE-2011-3058
+ RESERVED
+CVE-2011-3057
+ RESERVED
+CVE-2011-3056
+ RESERVED
+CVE-2011-3055
+ RESERVED
+CVE-2011-3054
+ RESERVED
+CVE-2011-3053
+ RESERVED
+CVE-2011-3052
+ RESERVED
+CVE-2011-3051
+ RESERVED
+CVE-2011-3050
+ RESERVED
+CVE-2011-3049
+ RESERVED
+CVE-2011-3048
+ RESERVED
+CVE-2011-3047
+ RESERVED
+CVE-2011-3046
+ RESERVED
+CVE-2011-3045
+ RESERVED
+CVE-2011-3044
+ RESERVED
+CVE-2011-3043
+ RESERVED
+CVE-2011-3042
+ RESERVED
+CVE-2011-3041
+ RESERVED
+CVE-2011-3040
+ RESERVED
+CVE-2011-3039
+ RESERVED
+CVE-2011-3038
+ RESERVED
+CVE-2011-3037
+ RESERVED
+CVE-2011-3036
+ RESERVED
+CVE-2011-3035
+ RESERVED
+CVE-2011-3034
+ RESERVED
+CVE-2011-3033
+ RESERVED
+CVE-2011-3032
+ RESERVED
+CVE-2011-3031
+ RESERVED
+CVE-2011-3030
+ RESERVED
+CVE-2011-3029
+ RESERVED
+CVE-2011-3028
+ RESERVED
+CVE-2011-3027
+ RESERVED
+CVE-2011-3026
+ RESERVED
+CVE-2011-3025
+ RESERVED
+CVE-2011-3024
+ RESERVED
+CVE-2011-3023
+ RESERVED
+CVE-2011-3022
+ RESERVED
+CVE-2011-3021
+ RESERVED
+CVE-2011-3020
+ RESERVED
+CVE-2011-3019
+ RESERVED
+CVE-2011-3018
+ RESERVED
+CVE-2011-3017
+ RESERVED
+CVE-2011-3016
+ RESERVED
+CVE-2011-3015
+ RESERVED
+CVE-2011-3014 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through ...)
+ TODO: check
+CVE-2011-3013 (WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer ...)
+ TODO: check
+CVE-2011-3012 (The ioQuake3 engine, as used in World of Padman 1.2 and earlier, ...)
+ TODO: check
+CVE-2011-3011
+ RESERVED
+CVE-2011-3010
+ RESERVED
+CVE-2011-3009 (Ruby before 1.8.6-p114 does not reset the random seed upon forking, ...)
+ TODO: check
+CVE-2011-3008 (The default configuration of Avaya Secure Access Link (SAL) Gateway ...)
+ TODO: check
+CVE-2008-7298 (The Android browser in Android cannot properly restrict modifications ...)
+ TODO: check
+CVE-2008-7297 (Opera cannot properly restrict modifications to cookies established in ...)
+ TODO: check
+CVE-2008-7296 (Apple Safari cannot properly restrict modifications to cookies ...)
+ TODO: check
+CVE-2008-7295 (Microsoft Internet Explorer cannot properly restrict modifications to ...)
+ TODO: check
+CVE-2008-7294 (Google Chrome before 4.0.211.0 cannot properly restrict modifications ...)
+ TODO: check
+CVE-2008-7293 (Mozilla Firefox before 4 cannot properly restrict modifications to ...)
+ TODO: check
+CVE-2008-7292 (Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before ...)
+ TODO: check
CVE-2011-XXXX [libencode-perl unspecified issue]
- libencode-perl 2.44-1
CVE-2011-3007
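Review bot: CVE-2008-7297 (Opera), near the end of the added block, is left at TODO: check even though other Opera entries in this file, such as CVE-2011-2609, already carry NOT-FOR-US: Opera. The same tag can be applied here during triage. The other browser cookie entries in the CVE-2008-7293 through CVE-2008-7298 run share one description pattern and are best triaged together, so that the ones mapping to packaged browsers get consistent package lines.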
@@ -56,14 +296,14 @@
RESERVED
CVE-2011-2980
RESERVED
-CVE-2011-2979
- RESERVED
-CVE-2011-2978
- RESERVED
-CVE-2011-2977
- RESERVED
-CVE-2011-2976
- RESERVED
+CVE-2011-2979 (Bugzilla 4.1.x before 4.1.3 generates different responses for certain ...)
+ TODO: check
+CVE-2011-2978 (Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before ...)
+ TODO: check
+CVE-2011-2977 (Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x ...)
+ TODO: check
+CVE-2011-2976 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through ...)
+ TODO: check
CVE-2011-2975 (Double free vulnerability in the msAddImageSymbol function in ...)
TODO: check
CVE-2011-2974
@@ -229,8 +469,8 @@
[squeeze] - xpdf <no-dsa> (zxpdf script is indeed affected, but it's not associated with pdf handling by default, so not a concern for remote abuse)
CVE-2011-2901
RESERVED
-CVE-2011-2900
- RESERVED
+CVE-2011-2900 (Stack-based buffer overflow in the (1) put_dir function in mongoose.c ...)
+ TODO: check
CVE-2011-2899
RESERVED
- foomatic-gui 0.7.9.5 (low)
@@ -626,11 +866,9 @@
CVE-2011-2722
RESERVED
- hplip <unfixed> (bug #635549; low)
-CVE-2011-2721 [clamav: off-by-one]
- RESERVED
+CVE-2011-2721 (Off-by-one error in the cli_hm_scan function in matcher-hash.c in ...)
- clamav 0.97.2+dfsg-1 (bug #635599)
-CVE-2011-2720 [glpi: Insufficient blacklist]
- RESERVED
+CVE-2011-2720 (The autocompletion functionality in GLPI before 0.80.2 does not ...)
- glpi 0.80.2-1 (bug #635544; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
CVE-2011-2719 (libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before ...)
@@ -670,8 +908,7 @@
- linux-2.6 <not-affected> (xtensa arch not used in Debian)
CVE-2011-2706
RESERVED
-CVE-2011-2705
- RESERVED
+CVE-2011-2705 (The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby ...)
- ruby1.8 <unfixed> (low; bug #635878)
- ruby1.9 <unfixed> (low)
- ruby1.9.1 <unfixed> (low)
@@ -730,8 +967,7 @@
CVE-2011-2687 (Drupal 7.x before 7.3 allows remote attackers to bypass intended ...)
- drupal7 7.4-1 (bug #633385)
- drupal6 <not-affected>
-CVE-2011-2686
- RESERVED
+CVE-2011-2686 (Ruby before 1.8.7-p352 does not reset the random seed upon forking, ...)
- ruby1.8 <unfixed> (low; bug #635878)
- ruby1.9 <unfixed> (low)
- ruby1.9.1 <unfixed> (low)
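Review bot: CVE-2011-2686 keeps package lines with bug #635878, the same bug already attached to CVE-2011-2705 in the previous hunk, so one Debian bug now tracks two CVEs with different descriptions (SecureRandom.random_bytes versus the seed not being reset on fork). Confirm that the bug covers both. The newly added CVE-2011-3009 carries a near-identical fork seed description (Ruby before 1.8.6-p114) and is still at TODO: check; a NOTE on one entry pointing at the other would keep the three Ruby entries consistent.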
@@ -923,7 +1159,7 @@
NOT-FOR-US: Opera
CVE-2011-2609 (Opera before 11.50 does not properly restrict data: URIs, which makes ...)
NOT-FOR-US: Opera
-CVE-2011-2608 (ovbbccb.exe 6.20.50.0 and earlier in HP OpenView Performance Agent ...)
+CVE-2011-2608 (ovbbccb.exe 6.20.50.0 and other versions in HP OpenView Performance ...)
NOT-FOR-US: HP OpenView
CVE-2011-2607 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
NOT-FOR-US: IBM Rational Team Concert
@@ -982,12 +1218,12 @@
RESERVED
CVE-2011-2592
RESERVED
-CVE-2011-2591
- RESERVED
-CVE-2011-2590
- RESERVED
-CVE-2011-2589
- RESERVED
+CVE-2011-2591 (Multiple buffer overflows in the Provideo ActiveX controls allow ...)
+ TODO: check
+CVE-2011-2590 (The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 ...)
+ TODO: check
+CVE-2011-2589 (Heap-based buffer overflow in the SendLogAction method in the UUPlayer ...)
+ TODO: check
CVE-2011-2588 (Heap-based buffer overflow in the AVI_ChunkRead_strf function in ...)
- vlc 1.1.11-1 (bug #633675)
CVE-2011-2587 (Heap-based buffer overflow in the DemuxAudioSipr function in real.c in ...)
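Review bot: the three entries filled in for CVE-2011-2589 through CVE-2011-2591 all describe ActiveX controls (Provideo, and UUPlayer in UUSee 2010), which are Windows-only components. They can be closed as NOT-FOR-US in the follow-up triage instead of staying at TODO: check.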
@@ -1465,12 +1701,12 @@
TODO: check
CVE-2011-2384
RESERVED
-CVE-2011-2381
- RESERVED
-CVE-2011-2380
- RESERVED
-CVE-2011-2379
- RESERVED
+CVE-2011-2381 (CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x ...)
+ TODO: check
+CVE-2011-2380 (Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before ...)
+ TODO: check
+CVE-2011-2379 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through ...)
+ TODO: check
CVE-2011-2378
RESERVED
CVE-2011-2377 (Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird ...)
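Review bot: the imported description for CVE-2011-2380 reads "Bugzilla 2.23.3 through 2.22.7", a range whose start is higher than its end. Check the affected versions against the upstream Bugzilla advisory before assigning package lines, rather than relying on the truncated description. The three Bugzilla entries here, together with CVE-2011-2976 through CVE-2011-2979 and CVE-2008-7292, are best triaged in one pass.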
@@ -1858,14 +2094,14 @@
RESERVED
CVE-2011-2225
RESERVED
-CVE-2011-2224
- RESERVED
-CVE-2011-2223
- RESERVED
-CVE-2011-2222
- RESERVED
-CVE-2011-2221
- RESERVED
+CVE-2011-2224 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through ...)
+ TODO: check
+CVE-2011-2223 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through ...)
+ TODO: check
+CVE-2011-2222 (Session fixation vulnerability in WebAdmin in the Mobility Pack before ...)
+ TODO: check
+CVE-2011-2221 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through ...)
+ TODO: check
CVE-2011-2220 (Stack-based buffer overflow in NFREngine.exe in Novell File Reporter ...)
NOT-FOR-US: Novell File Reporter
CVE-2011-2219
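Review bot: CVE-2011-2221 through CVE-2011-2224 are all Novell Data Synchronizer Mobility Pack issues and are left at TODO: check, while the adjacent Novell File Reporter entry (CVE-2011-2220) is already NOT-FOR-US. Tag these four, and the matching CVE-2011-3013 and CVE-2011-3014 added in the first hunk, the same way if the product is not packaged.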
@@ -4418,8 +4654,8 @@
RESERVED
CVE-2011-1341
RESERVED
-CVE-2011-1340
- RESERVED
+CVE-2011-1340 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
CVE-2011-1339 (Cross-site scripting (XSS) vulnerability in Google Search Appliance ...)
NOT-FOR-US: Google Search Appliance
CVE-2011-1338 (Untrusted search path vulnerability in XnView before 1.98.1 allows ...)
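Review bot: the description imported for CVE-2011-1340 is cut off before the product name ("Cross-site scripting (XSS) vulnerability in ..."), so the entry cannot be triaged from the list alone. Whoever resolves the TODO: check needs to look up the full CVE text, and a short bracketed product hint on the entry would save the next reader the same lookup.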